General
-
Target
c15e2ffa84d30fa17e9c61c19cde98b22ac6e259ec16b68a9927bed13a0aec07.zip
-
Size
15KB
-
MD5
d6693225e0f9c2fd0a9fb9574dabe082
-
SHA1
e67578a96194dfe081ba89d648f0a8386376d22c
-
SHA256
b1e85d2f8375125f100ed6f858f992b8273cd8e3daf6670808ad94b48f0c481e
-
SHA512
4da9ccf97d17068c50fe757ff36fb23cee0116996fb47ab6546000de0b84ea97278f4e7be0c0aaba45c9f29e97df5dabed22e29e57a339ffd0f22e88849875f6
-
SSDEEP
384:QtwD0ISivt0kmPMTYwGOtVJxHWnCOzPdYP:swD0B807MsM/WCmVe
Malware Config
Signatures
-
Chaos Ransomware 1 IoCs
resource yara_rule static1/unpack001/c15e2ffa84d30fa17e9c61c19cde98b22ac6e259ec16b68a9927bed13a0aec07.exe family_chaos -
Chaos family
Files
-
c15e2ffa84d30fa17e9c61c19cde98b22ac6e259ec16b68a9927bed13a0aec07.zip.zip
Password: infected
-
c15e2ffa84d30fa17e9c61c19cde98b22ac6e259ec16b68a9927bed13a0aec07.exe.exe windows x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 21KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 67KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ